我怎么能在蔚蓝的保护内部的角色(SSL至少) [英] How can I secure internal roles in azure (SSL at minimum)
问题描述
我工作的一个HIPAA云项目,并正在实施一个密钥存储为所有PHI(私人健康信息)加密的密钥对的中央资料库......我并不担心实际数据,因为这将是在休息和在运输过程中进行加密。
I am working on a HIPAA cloud project and am implementing a Key Store as a central repository for all of the key pairs for PHI(Private Health Information) encryption... I am not worried about the actual data because it will be encrypted at rest and in transit.
然而,当工人或webrole需要,他们需要解密和重新加密(如果他们这样做更新)中的数据的工作。这其中关键的商店开始发挥作用。不过,我不希望这种内部服务公开,我也需要它是SSLed,因为以明文形式发送键,即使里面角色的虚拟网络不会通过安全审计。
However when a worker or webrole needs to work with the data they need to decrypt and reencrypt it (if they do updates). That's where the key Store comes into play. However, I don't want this internal service exposed and I also need it to be SSLed, because sending keys in the clear, even inside a virtual network of roles wouldn't pass a security audit.
所以我如何能得到一个Web或辅助角色使用SSL与内部端点的任何建议?
So any suggestions on how I can get a web or worker role to use SSL with an internal endpoint?
感谢
推荐答案
我不认为你可以。内部端点上的一个封闭的网络分支,因此HTTPS通常是多余的(虽然我理解你的合规性问题)。我发现这个答案(我的问题)搞清楚内部端点的安全性非常有用:<一href=\"http://stackoverflow.com/questions/11584163/how-secure-are-windows-azure-internal-endpoints\">How安全是Windows Azure的内部端点 - ?看到更详细的职位,布伦特链接
I don't think you can. Internal endpoints are on a closed network branch, so https would normally be redundant (although I understand your compliance issues). I found this answer (to my question) very useful in figuring out the security of internal endpoints: How secure are Windows Azure internal endpoints? - see the more detailed post that Brent links to.
这篇关于我怎么能在蔚蓝的保护内部的角色(SSL至少)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
